Unverified Commit b684e9c6 authored by Arian van Putten's avatar Arian van Putten Committed by GitHub
Browse files

fluent-bit: link against Nix dependencies, fix Darwin builds, and add NixOS module (#365493)

parents f6db95df 3366b27e

ci/OWNERS

+4 −1
Original line number Diff line number Diff line
@@ -149,10 +149,13 @@ nixos/modules/installer/tools/nix-fallback-paths.nix @NixOS/nix-team @raitobeza 
/nixos/modules/services/monitoring/amazon-cloudwatch-agent.nix @philipmw

/nixos/tests/amazon-cloudwatch-agent.nix                       @philipmw



# Monitoring

/nixos/modules/services/monitoring/fluent-bit.nix @arianvp

/nixos/tests/fluent-bit.nix                       @arianvp



# nixos-rebuild-ng

/pkgs/by-name/ni/nixos-rebuild-ng                 @thiagokokada





# Updaters

## update.nix

/maintainers/scripts/update.nix   @jtojnar

nixos/doc/manual/release-notes/rl-2505.section.md

+2 −0
Original line number Diff line number Diff line
@@ -116,6 +116,8 @@ 


- [Amazon CloudWatch Agent](https://github.com/aws/amazon-cloudwatch-agent), the official telemetry collector for AWS CloudWatch and AWS X-Ray. Available as [services.amazon-cloudwatch-agent](options.html#opt-services.amazon-cloudwatch-agent.enable).



- [Fluent Bit](https://github.com/fluent/fluent-bit), a fast Log, Metrics and Traces Processor and Forwarder. Available as [services.fluent-bit](#opt-services.fluent-bit.enable).



- [Bat](https://github.com/sharkdp/bat), a {manpage}`cat(1)` clone with wings. Available as [programs.bat](options.html#opt-programs.bat).



- [Autotier](https://github.com/45Drives/autotier), a passthrough FUSE filesystem. Available as [services.autotierfs](options.html#opt-services.autotierfs.enable).

nixos/modules/module-list.nix

+1 −0
Original line number Diff line number Diff line
@@ -934,6 +934,7 @@ 
  ./services/monitoring/das_watchdog.nix

  ./services/monitoring/datadog-agent.nix

  ./services/monitoring/do-agent.nix

  ./services/monitoring/fluent-bit.nix

  ./services/monitoring/fusion-inventory.nix

  ./services/monitoring/gatus.nix

  ./services/monitoring/gitwatch.nix

nixos/modules/services/monitoring/fluent-bit.nix

0 → 100644
+103 −0
Original line number Diff line number Diff line 
{

  config,

  lib,

  pkgs,

  utils,

  ...

}:

let

  cfg = config.services.fluent-bit;



  yamlFormat = pkgs.formats.yaml { };

in

{

  options.services.fluent-bit = {

    enable = lib.mkEnableOption "Fluent Bit";

    package = lib.mkPackageOption pkgs "fluent-bit" { };

    configurationFile = lib.mkOption {

      type = lib.types.path;

      default = yamlFormat.generate "fluent-bit.yaml" cfg.settings;

      defaultText = lib.literalExpression ''yamlFormat.generate "fluent-bit.yaml" cfg.settings'';

      description = ''

        Fluent Bit configuration. See

        <https://docs.fluentbit.io/manual/administration/configuring-fluent-bit/yaml>

        for supported values.



        {option}`configurationFile` takes precedence over {option}`settings`.



        Note: Restricted evaluation blocks access to paths outside the Nix store.

        This means detecting content changes for mutable paths (i.e. not input or content-addressed) can't be done.

        As a result, `nixos-rebuild` won't reload/restart the systemd unit when mutable path contents change.

        `systemctl restart fluent-bit.service` must be used instead.

      '';

      example = "/etc/fluent-bit/fluent-bit.yaml";

    };

    settings = lib.mkOption {

      type = yamlFormat.type;

      default = { };

      description = ''

        See {option}`configurationFile`.



        {option}`configurationFile` takes precedence over {option}`settings`.

      '';

      example = {

        service = {

          grace = 30;

        };

        pipeline = {

          inputs = [

            {

              name = "systemd";

              systemd_filter = "_SYSTEMD_UNIT=fluent-bit.service";

            }

          ];

          outputs = [

            {

              name = "file";

              path = "/var/log/fluent-bit";

              file = "fluent-bit.out";

            }

          ];

        };

      };

    };

    # See https://docs.fluentbit.io/manual/administration/configuring-fluent-bit/yaml/service-section.

    graceLimit = lib.mkOption {

      type = lib.types.nullOr (

        lib.types.oneOf [

          lib.types.ints.positive

          lib.types.str

        ]

      );

      default = null;

      description = ''

        The grace time limit. Sets the systemd unit's `TimeoutStopSec`.



        The `service.grace` option in the Fluent Bit configuration should be ≤ this option.

      '';

      example = 30;

    };

  };



  config = lib.mkIf cfg.enable {

    # See https://github.com/fluent/fluent-bit/blob/v3.2.6/init/systemd.in.

    systemd.services.fluent-bit = {

      description = "Fluent Bit";

      after = [ "network.target" ];

      requires = [ "network.target" ];

      wantedBy = [ "multi-user.target" ];

      serviceConfig = {

        DynamicUser = true;

        # See https://nixos.org/manual/nixos/stable#sec-logging.

        SupplementaryGroups = "systemd-journal";

        ExecStart = utils.escapeSystemdExecArgs [

          (lib.getExe cfg.package)

          "--config"

          cfg.configurationFile

        ];

        Restart = "always";

        TimeoutStopSec = lib.mkIf (cfg.graceLimit != null) cfg.graceLimit;

      };

    };

  };

}

nixos/tests/all-tests.nix

+1 −0
Original line number Diff line number Diff line
@@ -433,6 +433,7 @@ in { 
    imports = [ ./firefox.nix ] ;

    _module.args.firefoxPackage = pkgs.floorp;

  };

  fluent-bit = handleTest ./fluent-bit.nix {};

  fluentd = handleTest ./fluentd.nix {};

  fluidd = handleTest ./fluidd.nix {};

  fontconfig-default-fonts = handleTest ./fontconfig-default-fonts.nix {};